Wallet v6

 #!/bin/bash


# Ensure ORACLE_SID and DEFAULT_LOCATION are passed as arguments

if [[ -z "$1" || -z "$2" ]]; then

    echo "Usage: $0 <ORACLE_SID> <DEFAULT_LOCATION>"

    exit 1

fi


export ORACLE_SID=$1

export DEFAULT_LOCATION=$2

export LOG_LOCATION="$DEFAULT_LOCATION/encryption/wallet_backup/logs"


export ORACLE_HOME=/u01/app/oracle/product/19c/dbhome_1

export PATH=$ORACLE_HOME/bin:$PATH

SQLPLUS="$ORACLE_HOME/bin/sqlplus -s / as sysdba"


# Ensure required directories exist

mkdir -p "$LOG_LOCATION"


# Standard password (static)

STANDARD_PWD="xyxyxyxyxytsts"


# Fetch cloakware password dynamically

NEWPSWD=$(/path/to/pwEcho.exe "$ORACLE_SID" WALLET)

[[ -z "$NEWPSWD" ]] && NEWPSWD="NA"


# Function to fetch DB details

get_db_info() {

    $SQLPLUS <<EOF

SET HEAD OFF FEEDBACK OFF PAGESIZE 0 LINESIZE 200

SELECT 

    name || '|' || status || '|' || 

    NVL((SELECT WRL_PARAMETER FROM gv\$encryption_wallet WHERE inst_id = (SELECT INSTANCE_NUMBER FROM v\$instance)), 'NA') || '|' ||

    (SELECT CASE WHEN COUNT(*) > 0 THEN 'YES' ELSE 'NO' END FROM dba_tablespaces WHERE ENCRYPTED='YES') || '|' ||

    version || '|' || NVL(WALLET_TYPE, 'NA')

FROM v\$database, v\$encryption_wallet;

EXIT;

EOF

}


# Fetch database details

DB_INFO=$(get_db_info)

IFS='|' read -r DBNAME STATUS WALLET_LOCATION TBS_ENCR DB_VERSION WALLET_TYPE <<< "$DB_INFO"


# Check if Wallet is Present

WRL_PRESENT="N"

if [[ "$WALLET_LOCATION" != "NA" && -d "$WALLET_LOCATION" ]]; then

    WRL_PRESENT="Y"

fi


# Wallet Backup (Independent of Password Validation)

SHARED_LOCATION="$DEFAULT_LOCATION/$DBNAME"

WRL_BKUP="N"


if [[ "$WRL_PRESENT" == "Y" ]]; then

    echo "Wallet found at: $WALLET_LOCATION" | tee -a "$LOG_LOCATION/wallet_validate.log"


    # Check if database name exists in wallet path

    if [[ "$WALLET_LOCATION" == *"$DBNAME"* ]]; then

        mkdir -p "$SHARED_LOCATION"

        cp "$WALLET_LOCATION"/* "$SHARED_LOCATION"

        echo "Wallet backup completed at $SHARED_LOCATION" | tee -a "$LOG_LOCATION/wallet_validate.log"

        WRL_BKUP="Y"

    else

        echo "Database name not found in wallet path. Skipping backup." | tee -a "$LOG_LOCATION/wallet_validate.log"

    fi

else

    echo "Wallet location is not found in database." | tee -a "$LOG_LOCATION/wallet_validate.log"

fi


# Wallet Password Validation

PWD_MATCH="N"

CLK_PWD="N"


if [[ "$WRL_PRESENT" == "Y" ]]; then

    # Try Cloakware Password First

    echo "$NEWPSWD" | mkstore -wrl "$WALLET_LOCATION" -list >/dev/null 2>&1

    if [[ $? -eq 0 ]]; then

        PWD_MATCH="Y"

        CLK_PWD="Y"

        echo "Cloakware password is valid." | tee -a "$LOG_LOCATION/wallet_validate.log"

    else

        # Try Standard Password

        echo "$STANDARD_PWD" | mkstore -wrl "$WALLET_LOCATION" -list >/dev/null 2>&1

        if [[ $? -eq 0 ]]; then

            PWD_MATCH="Y"

            CLK_PWD="N"

            echo "Standard password is valid." | tee -a "$LOG_LOCATION/wallet_validate.log"

        else

            PWD_MATCH="N"

            CLK_PWD="N"

            echo "Wallet password validation failed." | tee -a "$LOG_LOCATION/wallet_validate.log"

        fi

    fi

fi


# Generate Report

RUN_DATE=$(date '+%Y-%m-%d %H:%M:%S')

REPORT_FILE="$LOG_LOCATION/report-$(date '+%Y%m%d').log"


cat <<EOF > "$REPORT_FILE"

DB Name: $DBNAME

DB Version: $DB_VERSION

Wallet Type: $WALLET_TYPE

TDE: $( [[ "$STATUS" == "OPEN" ]] && echo "Y" || echo "N" )

WRL: $WRL_PRESENT

TBS ENCR: $TBS_ENCR

WRL BKUP: $WRL_BKUP

KEY BKUP: Y/N

CLK: $CLK_PWD

PWD Match: $PWD_MATCH

Run Date: $RUN_DATE

EOF


echo "Report saved at $REPORT_FILE"

Comments

Post a Comment

Popular posts from this blog

Database growth

#!/bin/bash # Log file LOGFILE="db_growth_check.log" echo "Checking yearly database growth on all running Oracle databases..." > $LOGFILE echo "DATABASE_NAME | YEAR | GROWTH_GB" >> $LOGFILE echo "---------------------------------" >> $LOGFILE # Find running Oracle instances (excluding ASM and APX) ps -ef | grep pmon | grep -v grep | grep -Ev "(\+ASM|APX)" | awk -F'_' '{print $3}' | while read -r ORACLE_SID do     if [[ -n "$ORACLE_SID" ]]; then         echo "Processing database: $ORACLE_SID"         # Set Oracle environment         export ORACLE_SID=$ORACLE_SID         export ORAENV_ASK=NO         . oraenv > /dev/null 2>&1         # Run SQL query to check yearly database growth         SQL_OUTPUT=$(sqlplus -s / as sysdba <<EOF SET HEADING OFF; SET FEEDBACK OFF; SELECT '$ORACLE_SID' AS DATABASE_NAME,  ...
Read more

DBA Day-2 ve

 Operating system  CPU mpstat top  load average  pidstat dstat -vr strace---> debug if system CPU usage % is high but if you dont know then use strace -tp `grep testdb1 2>&1 | head 100 debug if User CPU usage % is high but if you dont know then use 6. jobs (hit enter) 6.1 perf record -F 99 -a -g --sleep 10 (Profiling ) 6.2 perf report -n --stdio 6.3 ./perf-tools/execsnoop Memory vmstat I/O iostat -xmd 1 iotop Network sar -n DEV 1 mtr netstat -antpl | grep 1521 nmcli device status ethtool iperf3 -c 10.1.90.51 https://www.youtube.com/watch?v=eWUeJBAiX80 fs.aio-max-nr--> Async I/O max fs.file-max --> Max file open kernal.shmmin --> how many program segment can access(permission) the shared memory kernal.shmall --> maximum amount of shared memory can accessed by all the process other than OS(set to sum of all SGAs on the server divided by page size – ‘getconf PAGESIZE’) kernal.shmmax --> maximum amount of shared memory can accessed by ind...
Read more

Asm

#!/bin/bash # Set environment variables ORACLE_SID=YOUR_SID ORACLE_HOME=/path/to/oracle_home export ORACLE_SID ORACLE_HOME LOG_DIR=/path/to/logs SQL_DIR=/path/to/sql mkdir -p "$LOG_DIR" mkdir -p "$SQL_DIR" DB_USER="/ as sysdba" # Function to generate SQL data for each target type generate_sql() {   local TARGET_TYPE=$1   local SQL_FILE="$SQL_DIR/${TARGET_TYPE}_data.sql"   local OUTPUT_FILE="/tmp/${TARGET_TYPE}_data.txt"   case "$TARGET_TYPE" in     cluster)       echo "SET HEADING OFF; SET FEEDBACK OFF; SET PAGESIZE 0;" > "$SQL_FILE"       echo "SELECT TARGET_NAME || '|' || HOST_NAME || '|' || CREDENTIALS || '|' || CLUSTER_NAME || '|' || VIP_ADDRESS FROM CLUSTER_TARGETS;" >> "$SQL_FILE"       ;;     # Additional target types can be added here     *)       echo "[ERROR] Unknown target type: $TARGET_TYPE"       return 1       ;;   esac ...
Read more